Enterprise Security Consultant – Security Consultant
2 days ago – Be among the first 25 applicants.
Main Responsibilities
This Security Consultant position will play a key role in the development and implementation of all security aspects for complex global applications based on Microsoft Azure technology and the broader Microsoft technology stack. The role is an individual contributor capable of supporting multiple project teams, including detailed involvement in implementation and certification of security controls across various projects/applications. It requires knowledge of multiple IT system architectures and cloud technologies, as well as supporting technologies such as IAM, network security, firewalls, user account management, auditing and logging, and other security concepts as described in ISO27001, OWASP, and related security standards.
Skills & Attributes for Success
Agile and DevOps Methodologies – Experience as a contributing member of a balanced team in an Agile or DevOps development environment.
Application Security – Experience in designing security controls for multilayered business solutions, including application-level access and authorization management, tenancy and data isolation, encryption, and logging. Hands‑on familiarity with REST APIs and microservices architecture.
Cloud Security – Technical understanding of virtualization, cloud infrastructure, and public cloud offerings, plus experience in designing configuration and security controls for cloud‑based solutions in Microsoft Azure, Google GCP, Amazon AWS, and other providers.
Infrastructure Security – Experience integrating common infrastructure security technologies and solutions into business solution architectures, including identity and access management, intrusion detection and prevention, security monitoring, and data encryption solutions.
Identity and Access Management (IAM) – Experience designing identity and access management based on Active Directory and integration with IDaaS and federation technologies.
Qualifications
Extensive experience in implementing, advising, and consulting on security configurations in complex IT architectures, including cloud environments (primarily Microsoft, but also covering a variety of IaaS, PaaS, and SaaS offerings from multiple vendors) and on‑premises solutions. In‑depth knowledge of IT system architecture concepts and cloud technologies, along with associated technologies such as IAM, network security, firewalls, software development best practices, system auditing, system hardening, and other security principles as described in ISO27001, OWASP, and related security standards. Proficiency in interpreting security reports (SAST and DAST) and testing results for applications, providing advice on required fixes and security measures based on policies and non‑functional requirements. A degree in Computer Science or a related field. Excellent communication skills, fluency in English (Spanish knowledge is an advantage), and the ability to collaborate with stakeholders ranging from developers and architects to business leaders and EY clients.
Ideally, you will also have
Operational Security – Experience in defining operational models and procedures for business solutions, including operation and maintenance of infrastructure and application security controls.
Information Security Standards – Knowledge of common information security standards, such as ISO 27001/27002, NIST CSF, FEDRAMP, CSA, and CIS Controls.
Cloud Security Certifications – Such as AZ‑300 Azure Architect Technologies.
Product Management – Working with broader business teams on security aspects that affect all phases, from concept to design, implementation, and then operational support.
What We Are Looking For
Individuals with a passion for information security and a proven ability to apply their knowledge to new and emerging technologies that support the growth strategy of a global professional services firm. The main challenges include designing and implementing security controls in complex global applications, requiring deep knowledge of IT system architecture and cloud technologies. The professional must be able to collaborate effectively with multiple project teams, ensuring security certification in a dynamic and constantly evolving environment, and interpret security reports and apply corrective measures to maintain solution integrity.
Job Requirements
Bachelor’s degree in Technology or related fields.
Experience in implementation and consulting on security configurations in complex IT architectures, including cloud environments.
Extensive experience in Cloud Security – Technical understanding of virtualization, cloud infrastructure, and public cloud offerings, along with experience in designing configurations and security controls for cloud‑based solutions in Microsoft Azure.
Strong knowledge of IT system architecture, identity and access management, and security principles in accordance with ISO27001 and OWASP standards.
Knowledge of programming language: Python.
Advanced English for corporate/business communication.
Desirable
Certifications: CISSP, Security+, CISA.
Spanish language skills.
Availability for occasional travel.
Key Responsibilities
Support internal application development teams and onboarding suppliers and their applications, ensuring alignment with EY security policies and international best practices.
Collaborate effectively with multiple project teams, ensuring security certification in a dynamic and constantly evolving environment.
Interpret security reports and apply corrective measures, essential to maintaining the integrity and protection of developed solutions.
Seniority level
Associate
Employment type
Full‑time
Job function
Information Technology
Industries
Professional Services
#J-18808-Ljbffr